OCR – Brokers (BA’s) “Will Pay Breach Penalty Fees or Go To Jail”

“HealthLeaders Media asked Sue McAndrew, deputy director for Health Information Privacy for OCR, if a business associate could end up paying out of its own pocket for a breach.

The answer is yes.

“Business associates going forward will be directly liable for violations that occur in their possession,” McAndrew said. “The fines would be imposed upon the BA, and if they can’t pay, we send them to jail.” ”